

<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
  <meta charset="utf-8" />
  <meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />

  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  
  <title>CVE-2021-3509: Dashboard XSS via token cookie &mdash; Ceph Documentation</title>
  

  
  <link rel="stylesheet" href="../../_static/ceph.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/graphviz.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/css/custom.css" type="text/css" />

  
  

  
  

  

  
  <!--[if lt IE 9]>
    <script src="../../_static/js/html5shiv.min.js"></script>
  <![endif]-->
  
    
      <script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
        <script src="../../_static/jquery.js"></script>
        <script src="../../_static/_sphinx_javascript_frameworks_compat.js"></script>
        <script src="../../_static/doctools.js"></script>
        <script src="../../_static/sphinx_highlight.js"></script>
    
    <script type="text/javascript" src="../../_static/js/theme.js"></script>

    
    <link rel="index" title="Index" href="../../genindex/" />
    <link rel="search" title="Search" href="../../search/" />
    <link rel="next" title="CVE-2021-20288: Unauthorized global_id reuse in cephx" href="../CVE-2021-20288/" />
    <link rel="prev" title="CVE-2021-3524: HTTP header injects via CORS in RGW" href="../CVE-2021-3524/" /> 
</head>

<body class="wy-body-for-nav">

   
  <div class="wy-grid-for-nav">
    

    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">

      


      <div class="wy-nav-content">
        
        <div class="rst-content">
        
          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
           <div itemprop="articleBody">
            
<div id="dev-warning" class="admonition note">
  <p class="first admonition-title">Notice</p>
  <p class="last">This document is for a development version of Ceph.</p>
</div>

  
  <section id="cve-2021-3509-dashboard-xss-via-token-cookie">
<span id="cve-2021-3509"></span><h1>CVE-2021-3509: Dashboard XSS via token cookie<a class="headerlink" href="#cve-2021-3509-dashboard-xss-via-token-cookie" title="Permalink to this heading"></a></h1>
<ul class="simple">
<li><p><a class="reference external" href="https://nvd.nist.gov/vuln/detail/CVE-2021-3509">NIST information page</a></p></li>
</ul>
<p>The Ceph Dashboard was vulnerable to an XSS attack that could expose the authentication
cookie to other sites.</p>
<section id="affected-versions">
<h2>Affected versions<a class="headerlink" href="#affected-versions" title="Permalink to this heading"></a></h2>
<ul class="simple">
<li><p>Octopus v15.2.0 and later</p></li>
</ul>
</section>
<section id="fixed-versions">
<h2>Fixed versions<a class="headerlink" href="#fixed-versions" title="Permalink to this heading"></a></h2>
<ul class="simple">
<li><p>Pacific v16.2.4 (and later)</p></li>
<li><p>Octopus v15.2.12 (and later)</p></li>
<li><p>Nautilus v14.2.21 (and later)</p></li>
</ul>
</section>
<section id="recommendations">
<h2>Recommendations<a class="headerlink" href="#recommendations" title="Permalink to this heading"></a></h2>
<p>All users of the Ceph Dashboard should upgrade to a fixed version.</p>
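<p>The following is an added example, not part of this advisory or of the Ceph project's own code, that turns the version lists above into a check an operator can run before and after upgrading. It reads the JSON that <code>ceph versions</code> prints, parses each running <code>ceph version X.Y.Z</code> string, and reports every daemon whose version predates the first fixed release on its line (Nautilus v14.2.21, Octopus v15.2.12, Pacific v16.2.4, taken from the advisory). The sample cluster output, including the all-zero commit hashes, is constructed for the example; release lines the advisory does not mention are reported as <code>unknown</code> rather than assumed fixed.</p>

```python
import json
import re
from typing import Dict, List, Optional, Tuple

# First release on each line that carries the CVE-2021-3509 fix, as listed
# in the advisory: Nautilus v14.2.21, Octopus v15.2.12, Pacific v16.2.4.
FIXED_VERSIONS: Dict[int, Tuple[int, int, int]] = {
    14: (14, 2, 21),  # Nautilus
    15: (15, 2, 12),  # Octopus
    16: (16, 2, 4),   # Pacific
}

# The dashboard is a ceph-mgr module, so the mgr entries are the ones that matter.
DASHBOARD_DAEMON = "mgr"

# Extracts the X.Y.Z triple from strings such as
# "ceph version 15.2.11 (0000000000000000000000000000000000000000) octopus (stable)".
_VERSION_RE = re.compile(r"ceph version (\d+)\.(\d+)\.(\d+)")


def parse_version(version_string: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch), or None if the string is not a Ceph version."""
    m = _VERSION_RE.search(version_string)
    if m is None:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def fix_status(version: Tuple[int, int, int]) -> str:
    """'fixed', 'unfixed', or 'unknown' (release line not covered by the advisory)."""
    threshold = FIXED_VERSIONS.get(version[0])
    if threshold is None:
        return "unknown"
    return "fixed" if version >= threshold else "unfixed"


def assess(versions_json: str) -> Dict[str, List[Tuple[str, str, int]]]:
    """Group every (daemon_type, version_string, count) from `ceph versions`
    output by fix status. The 'overall' summary key is skipped because it
    duplicates the per-daemon counts."""
    report: Dict[str, List[Tuple[str, str, int]]] = {"fixed": [], "unfixed": [], "unknown": []}
    for daemon_type, counts in json.loads(versions_json).items():
        if daemon_type == "overall":
            continue
        for version_string, count in counts.items():
            parsed = parse_version(version_string)
            status = "unknown" if parsed is None else fix_status(parsed)
            report[status].append((daemon_type, version_string, count))
    return report


def dashboard_hosts_unfixed(versions_json: str) -> bool:
    """True if any ceph-mgr daemon (the process that serves the dashboard) predates the fix."""
    return any(d == DASHBOARD_DAEMON for d, _, _ in assess(versions_json)["unfixed"])


# Constructed sample in the shape of `ceph versions` output (not real cluster data).
SAMPLE_VERSIONS_JSON = json.dumps({
    "mon": {"ceph version 15.2.12 (0000000000000000000000000000000000000000) octopus (stable)": 3},
    "mgr": {"ceph version 15.2.11 (0000000000000000000000000000000000000000) octopus (stable)": 2},
    "osd": {
        "ceph version 15.2.11 (0000000000000000000000000000000000000000) octopus (stable)": 10,
        "ceph version 15.2.12 (0000000000000000000000000000000000000000) octopus (stable)": 2,
    },
    "overall": {
        "ceph version 15.2.11 (0000000000000000000000000000000000000000) octopus (stable)": 12,
        "ceph version 15.2.12 (0000000000000000000000000000000000000000) octopus (stable)": 5,
    },
})

if __name__ == "__main__":
    for status, entries in assess(SAMPLE_VERSIONS_JSON).items():
        for daemon_type, version_string, count in entries:
            print(f"{status:8} {daemon_type:4} x{count}: {version_string}")
    print("dashboard mgr unfixed:", dashboard_hosts_unfixed(SAMPLE_VERSIONS_JSON))
```

<p>On a live cluster, feed the output of <code>ceph versions</code> to <code>assess()</code> and treat any <code>mgr</code> entry under <code>unfixed</code> as the dashboard still being exposed; a partially upgraded cluster (some mgr daemons fixed, some not) still counts as exposed until every mgr has restarted on a fixed build. Entries under <code>unknown</code> are release lines the advisory does not cover and should be checked against their own release notes rather than assumed safe.</p>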
</section>
</section>





           </div>
           
          </div>
<footer>

  <hr/>

  <div role="contentinfo">
    <p>&#169; Copyright 2016, Ceph authors and contributors. Licensed under Creative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0).</p>
  </div>

   

</footer>
        </div>
      </div>

    </section>

  </div>
  

  <script type="text/javascript">
      jQuery(function () {
          SphinxRtdTheme.Navigation.enable(true);
      });
  </script>

  
  
    
   

</body>
</html>